I am quite pleased that Apple has fixed this issue and remediated the vulnerability, but the solution brings to light another fun issue. The solution from Apple did not involve an iOS update. Apple instead made a server-side change to Siri, requiring that “she” request that the device be unlocked for any functions that can expose data. My concern/intrigue/comment revolves around this server-side situation. We should all take a step back realize our dependency on these server-side resources. From Windows 10 to Apple to Google, we are quickly becoming dependent on constant real-time connectivity to our software hosts. Hopefully, as these server-side applications continue to grow and mature and “evolve”, they will remember we are a kind and peaceful race not deserving of their wrath… 😉
This vulnerability can be seen as a slight annoyance to a serious flaw depending on how you chose to use Siri as a feature on your iDevice. Take heed.